Curation implicit run on 403 error

buildtools/cli.go

@@ -3,6 +3,7 @@ package buildtools
 import (
 	"errors"
 	"fmt"
+	"github.com/jfrog/jfrog-cli-security/utils/techutils"
 	"os"
 	"strconv"
 	"strings"
@@ -91,7 +92,9 @@ func GetCommands() []cli.Command {
 			SkipFlagParsing: true,
 			BashComplete:    corecommon.CreateBashCompletionFunc(),
 			Category:        buildToolsCategory,
-			Action:          MvnCmd,
+			Action: func(c *cli.Context) (err error) {
+				return wrapCmdWithCurationPostFailureRun(c, MvnCmd)
+			},
 		},
 		{
 			Name:         "gradle-config",
@@ -215,7 +218,9 @@ func GetCommands() []cli.Command {
 			SkipFlagParsing: true,
 			BashComplete:    corecommon.CreateBashCompletionFunc(),
 			Category:        buildToolsCategory,
-			Action:          GoCmd,
+			Action: func(c *cli.Context) (err error) {
+				return wrapCmdWithCurationPostFailureRun(c, GoCmd)
+			},
 		},
 		{
 			Name:         "go-publish",
@@ -252,7 +257,9 @@ func GetCommands() []cli.Command {
 			SkipFlagParsing: true,
 			BashComplete:    corecommon.CreateBashCompletionFunc(),
 			Category:        buildToolsCategory,
-			Action:          PipCmd,
+			Action: func(c *cli.Context) (err error) {
+				return wrapCmdWithCurationPostFailureRun(c, PipCmd)
+			},
 		},
 		{
 			Name:         "pipenv-config",
@@ -325,9 +332,13 @@ func GetCommands() []cli.Command {
 			SkipFlagParsing: true,
 			BashComplete:    corecommon.CreateBashCompletionFunc("install", "i", "isntall", "add", "ci", "publish", "p"),
 			Category:        buildToolsCategory,
-			Action: func(c *cli.Context) error {
+			Action: func(c *cli.Context) (errFromCmd error) {
 				cmdName, _ := getCommandName(c.Args())
-				return npmGenericCmd(c, cmdName, false)
+				if errFromCmd = npmGenericCmd(c, cmdName, false); errFromCmd != nil {
+					CurationInspectAfterFailure(c, errFromCmd)
+					return errFromCmd
+				}
+				return nil
 			},
 		},
 		{
@@ -391,6 +402,25 @@ func GetCommands() []cli.Command {
 	})
 }
 
+func wrapCmdWithCurationPostFailureRun(c *cli.Context, cmd func(c *cli.Context) error) error {
+	if err := cmd(c); err != nil {
+		CurationInspectAfterFailure(c, err)
+		return err
+	}
+	return nil
+}
+
+func CurationInspectAfterFailure(c *cli.Context, errFromCmd error) {
+	cmdName, _ := getCommandName(c.Args())
+	if compContexts, errConvertCtx := components.ConvertContext(c); errConvertCtx == nil {
+		if errPostCuration := securityCLI.CurationCmdPostInstallationFailure(compContexts, cmdName, techutils.Npm, errFromCmd); errPostCuration != nil {
+			log.Error(errPostCuration)
+		}
+	} else {
+		log.Error(errConvertCtx)
+	}
+}
+
 func MvnCmd(c *cli.Context) (err error) {
 	if show, err := cliutils.ShowCmdHelpIfNeeded(c, c.Args()); show || err != nil {
 		return err
@@ -831,6 +861,7 @@ func npmGenericCmd(c *cli.Context, cmdName string, collectBuildInfoIfRequested b
 
 	// Run generic npm command.
 	npmCmd := npm.NewNpmCommand(cmdName, collectBuildInfoIfRequested)
+
 	configFilePath, args, err := GetNpmConfigAndArgs(c)
 	if err != nil {
 		return err

go.mod

@@ -18,10 +18,10 @@ require (
 	github.com/jfrog/archiver/v3 v3.6.1
 	github.com/jfrog/build-info-go v1.9.31
 	github.com/jfrog/gofrog v1.7.5
-	github.com/jfrog/jfrog-cli-artifactory v0.1.2
+	github.com/jfrog/jfrog-cli-artifactory v0.1.1
 	github.com/jfrog/jfrog-cli-core/v2 v2.54.0
 	github.com/jfrog/jfrog-cli-platform-services v1.3.0
-	github.com/jfrog/jfrog-cli-security v1.6.3
+	github.com/jfrog/jfrog-cli-security v1.6.2
 	github.com/jfrog/jfrog-client-go v1.43.1
 	github.com/jszwec/csvutil v1.10.0
 	github.com/stretchr/testify v1.9.0
@@ -176,6 +176,6 @@ replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.
 
 replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20240804091815-7407ceb49077
 
-// replace github.com/jfrog/jfrog-cli-security => github.com/jfrog/jfrog-cli-security v1.6.3-0.20240729081816-371509c205d6
+replace github.com/jfrog/jfrog-cli-security => github.com/asafambar/jfrog-cli-security v0.0.0-20240805143838-ec991d733bc2
 
 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog dev

go.sum

@@ -643,6 +643,8 @@ github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0 h1:jfIu9sQUG6Ig
 github.com/arbovm/levenshtein v0.0.0-20160628152529-48b4e1c0c4d0/go.mod h1:t2tdKJDJF9BV14lnkjHmOQgcvEKgtqs5a1N3LNdJhGE=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
+github.com/asafambar/jfrog-cli-security v0.0.0-20240805143838-ec991d733bc2 h1:C7u/La9Npp0wrxM9VPjtd95l6rAy9NEgFP+RHAXJM8w=
+github.com/asafambar/jfrog-cli-security v0.0.0-20240805143838-ec991d733bc2/go.mod h1:rTaZ9yeSQiSbfVFkRG/0OLPjq8Fis3dHBUgCVnIbe+E=
 github.com/beevik/etree v1.4.0 h1:oz1UedHRepuY3p4N5OjE0nK1WLCqtzHf25bxplKOHLs=
 github.com/beevik/etree v1.4.0/go.mod h1:cyWiXwGoasx60gHvtnEh5x8+uIjUVnjWqBvEnhnqKDA=
 github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8=
@@ -938,12 +940,18 @@ github.com/jfrog/archiver/v3 v3.6.1 h1:LOxnkw9pOn45DzCbZNFV6K0+6dCsQ0L8mR3ZcujO5
 github.com/jfrog/archiver/v3 v3.6.1/go.mod h1:VgR+3WZS4N+i9FaDwLZbq+jeU4B4zctXL+gL4EMzfLw=
 github.com/jfrog/build-info-go v1.8.9-0.20240804091815-7407ceb49077 h1:Cdi9S8nUFMllxukuw5Z0X/UDmkW5nTdl0pT432fySp4=
 github.com/jfrog/build-info-go v1.8.9-0.20240804091815-7407ceb49077/go.mod h1:DZCElS/UhaSJHn0K1YzRUOJqiqVS4bjAEnGQSFncwNw=
+github.com/jfrog/build-info-go v1.9.31 h1:1pLC19hc9AEdWA87D+EcvMTLsDeMa390Z8TrNpCO4K8=
+github.com/jfrog/build-info-go v1.9.31/go.mod h1:DZCElS/UhaSJHn0K1YzRUOJqiqVS4bjAEnGQSFncwNw=
 github.com/jfrog/froggit-go v1.16.1 h1:FBIM1qevX/ag9unfmpGzfmZ36D8ulOJ+DPTSFUk3l5U=
 github.com/jfrog/froggit-go v1.16.1/go.mod h1:TEJSzgiV+3D/GVGE8Y6j46ut1jrBLD1FL6WdMdKwwCE=
 github.com/jfrog/gofrog v1.7.5 h1:dFgtEDefJdlq9cqTRoe09RLxS5Bxbe1Ev5+E6SmZHcg=
 github.com/jfrog/gofrog v1.7.5/go.mod h1:jyGiCgiqSSR7k86hcUSu67XVvmvkkgWTmPsH25wI298=
 github.com/jfrog/jfrog-apps-config v1.0.1 h1:mtv6k7g8A8BVhlHGlSveapqf4mJfonwvXYLipdsOFMY=
 github.com/jfrog/jfrog-apps-config v1.0.1/go.mod h1:8AIIr1oY9JuH5dylz2S6f8Ym2MaadPLR6noCBO4C22w=
+github.com/jfrog/jfrog-cli-artifactory v0.1.1 h1:3HfowB29TBEtr6BgAezdqTRVFhBFa5XasxARLh+1HDE=
+github.com/jfrog/jfrog-cli-artifactory v0.1.1/go.mod h1:Jyv0OecV8k8JOT5C5m/UmS1KCsR1xkog1OjKJeDuMcY=
+github.com/jfrog/jfrog-cli-core/v2 v2.54.0 h1:vSVSADvuZ2vou4B5spfsUZ32oA/sl4mPVEVgqfNbjUM=
+github.com/jfrog/jfrog-cli-core/v2 v2.54.0/go.mod h1:ynAcz9jWDrcQi1/IkNLrIgfQnJO8LPLFwjLplgvY8KI=
 github.com/jfrog/jfrog-cli-artifactory v0.1.2 h1:CbDYDYItZL4QwEX4Br9SDBztSxiXzfaxAT0gNcrcd6Y=
 github.com/jfrog/jfrog-cli-artifactory v0.1.2/go.mod h1:Jyv0OecV8k8JOT5C5m/UmS1KCsR1xkog1OjKJeDuMcY=
 github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20240804120419-eb9c383939e7 h1:m5YqKCjplFmHv9A4k6h693D8WmQz3CG0lh9NwJxxz5k=
@@ -954,6 +962,8 @@ github.com/jfrog/jfrog-cli-security v1.6.3 h1:qo0anXfz/5l8bMZY0GsnTWM+a/qjHsn7ZY
 github.com/jfrog/jfrog-cli-security v1.6.3/go.mod h1:rTaZ9yeSQiSbfVFkRG/0OLPjq8Fis3dHBUgCVnIbe+E=
 github.com/jfrog/jfrog-client-go v1.28.1-0.20240804121253-32ba23f22ade h1:YiR24tGb+8jYHYyqUdIkEUzVaYs92RfbJgPR1SAu7Q8=
 github.com/jfrog/jfrog-client-go v1.28.1-0.20240804121253-32ba23f22ade/go.mod h1:tSV6/YJT9zYaYNY42NMRUby5Q2hKkh0VmR5sGCYTZl8=
+github.com/jfrog/jfrog-client-go v1.43.1 h1:KIauYofb7R02mGDc8XADEvu245BJjUryjtq+YQQIbY8=
+github.com/jfrog/jfrog-client-go v1.43.1/go.mod h1:J/Ketm4TkBudXG8gAGY74jtNUbKhXn1+XaRfJcJVkvA=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/jszwec/csvutil v1.10.0 h1:upMDUxhQKqZ5ZDCs/wy+8Kib8rZR8I8lOR34yJkdqhI=